package com.cloud.client.config;

import jakarta.annotation.Resource;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.SecurityFilterChain;

@Configuration
@EnableWebSecurity
public class ClientConfg {
 @Resource
 private MyHttpSessionOAuth2AuthorizationRequestRepository myHttpSessionOAuth2AuthorizationRequestRepository;
    @Bean
    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
        http.csrf(crsf->crsf.disable());
  /*      authorizeHttpRequests((authorize) -> authorize
                .requestMatchers("/login/oauth2/code/my-oidc-provider").permitAll()
        )*/
//OAuth2AccessTokenResponse
        http.authorizeHttpRequests((authorize) ->  authorize
                        .requestMatchers("/login/oauth2/code/my-oidc-provider","/assets/**", "/webjars/**", "/login","/static/**","/users/userinfo","token").permitAll()
        ).httpBasic(basic->basic.disable())
                .oauth2Client(Customizer.withDefaults())
                .oauth2Login(login->login.authorizationEndpoint(end->end.authorizationRequestRepository(myHttpSessionOAuth2AuthorizationRequestRepository)).defaultSuccessUrl("/token"))
                .oauth2ResourceServer(oauth2 -> oauth2
                .jwt(Customizer.withDefaults()));
        http.sessionManagement(session->session.sessionCreationPolicy(SessionCreationPolicy.NEVER));
        return http.build();
    }



}
